Kevin Benton has proposed adding a runtime check for netns permission problems: https://review.openstack.org/#/c/109736/ There seems to be consensus on the patch that this is something that we want to do at runtime, but that would seem to run counter to the precedent that host-specific issues such as this one be considered a deployment-time responsibility. The addition of the sanity check framework would seem to support the latter case: https://github.com/openstack/neutron/blob/master/neutron/cmd/sanity_check.py Thoughts? Maru